Roger Halbheer

Job title:
Chief security advisor, Microsoft

Areas of expertise:
Policy, architecture, law enforcement, cybersecurity, processes

Biography:
Roger Halbheer joined Microsoft as Chief Security Advisor of Microsoft Switzerland in 2001 and was promoted to the role of Chief Security Advisor for Microsoft Europe, the Middle East and Africa (EMEA) in February 2007. Roger leads a team of national Chief Security Advisors across EMEA who work with organizations in the commercial and public sectors - including national governments, law enforcement and intelligence agencies - on information technology issues and strategies. He is a trusted advisor to C-level executives, governments and law enforcement agencies and has established relationships with security communities and government agencies across the region. Roger is a regular speaker at industry events and has worked with national and international print and broadcast media both to represent Microsoft and to provide expert comment on broader security issues. A Swiss national, Roger holds a Master of Computer Science degree from the Federal Institute of Technology in Zurich and is a Certified Information System Security Professional (CISSP). Before joining Microsoft, he was responsible for e-Business Risk Management at PricewaterhouseCoopers in Switzerland. He lives in Zurich and is married with two sons.

Bloggers

Blog

Cloud Security Paper: Looking for Feedback

As most of you well know, I was looking for information and opinions on Cloud Security over the last year. I found a lot of papers, but when I talk to our customers I realize that they think about the Cloud but Cloud Security is mainly something for the specialists – which it is not for me. Therefore, I was looking into preparing something on a management level that is easy to read and understand and finally makes it more appetizing to look deeper into the subject.

Probably the biggest challenge we had was to make sure that we do not oversimplify. Finally, we did not want to re-invent the wheel. There is very good material out there (e.g., from the Cloud Security Alliance and ENISA), which I would rather reference than do something similar.

At the end we came up with two new papers. One is written by our Trustworthy Computing organization and is a high-level overview of the Cloud and the corresponding security opportunities and challenges. You can find it here: Security in Cloud Computing Overview.

Additionally Doug Cavit – a Principal Security Strategist at Microsoft – and me were working on core considerations you have to make when you include the Cloud into you IT strategy. The paper is located here: Cloud Computing Security Considerations. This is the paper I would like to get your feedback on. Please keep the target audience in mind. In other words, if you give this paper to your CIO or even your CEO, if you would give it to a government elite in your country or a journalist – what is your view on it? What are you missing? What is good?

To set your expectations: I will answer all mails with constructive feedback, but as I am heavily on the road over the next few months, give me a little bit more than 24 hours (which I try to have normally) – but I will come back to you, promised! If you think that a call might be more accurate as you have so much to say, we might be able to do that – depending on the number of requests. What I cannot promise is that we will include all the feedback into a next version – if a next version is needed. My experience shows that feedback is sometimes contradicting to each other and sometimes I will disagree – and we might to have to sort that out.

So, you are definitely free to use the documents and if you would even be willing to take the time to give us feedback, I would highly appreciate. My mail is roger.halbheer@microsoft.com – looking forward to a lot of mails!

Roger Halbheer

Tag Cloud

Bloggers

Blog

Cloud Security Paper: Looking for Feedback

Comment on this blog

Members' Login

Not a member?